There has been a significant increase in healthcare phishing attacks in recent weeks, in both the frequency and the severity of attacks. In July alone, more than 1.6 million healthcare records were exposed due to healthcare phishing attacks, and the attacks show no sign of slowing.
Healthcare phishing attacks are to be expected. The email accounts of healthcare employees often contain highly sensitive information – information that can be used for a multitude of nefarious purposes such as tax fraud, medical identity theft to obtain prescription medications, and identity theft to obtain credit cards and loans. If access can be gained to the email account of one healthcare employee, messages can be sent to other employees in the organization from the compromised account. Since those messages come from a genuine email account within the organization, they are less likely to be blocked and are more likely to elicit a response. When one email account is compromised there is a high probability that access will be gained to other email accounts.
In the United States, a summary of all healthcare data breaches of more than 500 records is published by the Department of Health and Human Services’ Office for Civil Rights (OCR). The OCR breach portal shows that hundreds of email-related data breaches have been reported since summaries first started being published in 2009, although there has been a significant increase in phishing-related data breaches in recent months. July 2018 saw two of the largest and most serious healthcare phishing attacks ever reported.
The largest healthcare phishing attacks in July were reported by the Iowa Health System (UnityPoint Health), Boys Town National Research Hospital, and Confluence Health. These healthcare phishing attacks resulted in the exposure of 1,421,107 records, 105,309 records, and 33,821 records respectively.
In July alone, there were 33 large data breaches reported to OCR. Those breaches include unauthorized accessing of health records by employees, lost devices containing electronic health information, improper disposal of medical records, and unauthorized disclosures of health records by employees. While unauthorized disclosures are often behind the majority of breaches, in July email-related hacking incidents were behind 39% of all reported data breaches. Those email account breaches resulted in the exposure and possible theft of 1,620,318 patients’ health and personal information. Not only was email the most common location of breached health information in July, it was the same story in March, April, May and June.
The large-scale healthcare phishing attacks have continued in August. This month, Augusta University Health reported a phishing attack had resulted in the exposure and possible theft of the PII and PHI of 417,000 individuals. In that attack hackers gained access to the email accounts of 24 members of staff. 38,000 records were also potentially accessed by hackers following a phishing attack on Legacy Health.
With the threat of healthcare phishing attacks greater than ever and the high cost of mitigating those breaches, it is more important than ever for healthcare organizations to improve their defenses against phishing.
TitanHQ offers healthcare organizations two vital cybersecurity solutions that can help to prevent phishing attacks, which alongside ongoing security awareness and anti-phishing training for staff can greatly reduce the potential for a successful phishing attack to occur.
SpamTitan is an advanced spam filtering solution that blocks 100% of known malware and more than 99.97% of malicious emails, preventing them from reaching end users' inboxes. Occasional emails may be delivered to inboxes, which is where WebTitan helps. WebTitan is a powerful DNS web filtering solution that blocks attempts by employees to access known phishing websites, stopping them from reaching websites where they would otherwise disclose their login credentials.
To find out more about these solutions and how they can be deployed in a healthcare environment, contact the TitanHQ sales team today and take an important first step towards improving the resilience of your organization to phishing attacks.